Cadoles
/
hydra-sql
19
0
Fork 0
Code Issues 5 Pull Requests 1 Projects Releases Wiki Activity

Merge pull request 'fix verify password methode ssha' (#11) from themeConfig into develop
Cadoles/hydra-sql/pipeline/head This commit is unstable Details 

Reviewed-on: #11
This commit is contained in:
Rudy Masson 2023-01-11 10:32:41 +01:00
parent 05a3ddd7cd 39829ca6a1
commit 8d52721172
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/Security/Hasher/PasswordEncoder.php
View File

@ -47,8 +47,8 @@ class PasswordEncoder implements LegacyPasswordHasherInterface
$completedPassword = $this->getPasswordToHash($plainPassword, $salt); $completedPassword = $this->getPasswordToHash($plainPassword, $salt);
foreach ($this->hashAlgoLegacy as $algo) { foreach ($this->hashAlgoLegacy as $algo) {
if ('ssha' === $algo) { if ('ssha' === $algo && $this->compareSsha($hashedPassword, $completedPassword)) {
return $this->compareSsha($hashedPassword, $completedPassword); return true;
} }
if ($this->isObsoleteAlgo($algo)) { if ($this->isObsoleteAlgo($algo)) {
if (hash_equals(hash($algo, $completedPassword), $hashedPassword)) { if (hash_equals(hash($algo, $completedPassword), $hashedPassword)) {